LokiLocker (Malware Family)

LokiLocker

LokiLocker is a .Net ransomware, which was seen first in August 2021. This malware is protected with NETGuard (modified ConfuserEX) using the additional KoiVM virtualization plugin.
The victims were observed ti be scattered around the world, with main concentation in Estern Europe and Asia (BlackBerry).

References

2023-05-15 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
LokiLocker

2022-03-23 ⋅ MSSPAlert ⋅ D. Howard Kass
LokiLocker Ransomware May Use False Flag to Avoid Identification
LokiLocker

2022-03-16 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
New Ransomware Family Identified: LokiLocker RaaS Targets Windows Systems
LokiLocker

2022-03-16 ⋅ The Register ⋅ Jeff Burt
BlackBerry says extortionists erase documents if ransom unpaid
LokiLocker

There is no Yara-Signature yet.

LokiLocker Propose Change

References

LokiLocker